© Crown Copyright. All rights reserved.
Chris Ulliott
Cloud Security
Technical Director and
Chief IAArchitect, CESG
this is
not new
© Crown Copyright. All rights reserved.
understand your
requirements
© Crown Copyright. All rights reserved.
value your
© Crown Copyright. All rights reserved.
principles
© Crown Copyright. All rights reserved.
data in transit
resilience
separation
governance
operational
personnel
dev supply chain
management
ID&A
interface protecti...
understand the
serviceoffering
© Crown Copyright. All rights reserved.
(I/P/S)aaS
© Crown Copyright. All rights reserved.
public
community
private or
© Crown Copyright. All rights reserved.
data in
transit
protection
© Crown Copyright. All rights reserved.
asset
protection
& resilience
© Crown Copyright. All rights reserved.
separation
between
customers
© Crown Copyright. All rights reserved.
governance
© Crown Copyright. All rights reserved.
operational
security
© Crown Copyright. All rights reserved.
personnel
security
© Crown Copyright. All rights reserved.
secure
development
© Crown Copyright. All rights reserved.
supply chain
security
© Crown Copyright. All rights reserved.
secure
consumer
management
© Crown Copyright. All rights reserved.
ID&A
© Crown Copyright. All rights reserved.
external
interface
protection
© Crown Copyright. All rights reserved.
secure
service
admin.
© Crown Copyright. All rights reserved.
audit
information
provision to
customers
© Crown Copyright. All rights reserved.
secure use
by the
consumer
© Crown Copyright. All rights reserved.
get
assurance
© Crown Copyright. All rights reserved.
assertion
© Crown Copyright. All rights reserved.
contractual
© Crown Copyright. All rights reserved.
independent
validation or
testing
© Crown Copyright. All rights reserved.
assurance
in the
design
© Crown Copyright. All rights reserved.
assured
components
© Crown Copyright. All rights reserved.
alternative
mitigations
© Crown Copyright. All rights reserved.
accept the residual
© Crown Copyright. All rights reserved.
get the details at:
https://www.gov.uk
/government
/collections
/cloud-security-guidance
© Crown Copyright. All rights res...
Questions
© Crown Copyright. All rights reserved.
Upcoming SlideShare
Loading in...5
×

Security in the cloud - making it a safe prospect

259

Published on

A talk delivered by Chris Ulliott, Technical Director at GCHQ, at Cloud Control: Implementing cloud computing 2014, hosted by Civil Service World and Eduserv.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
259
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Security in the cloud - making it a safe prospect

  1. 1. © Crown Copyright. All rights reserved. Chris Ulliott Cloud Security Technical Director and Chief IAArchitect, CESG
  2. 2. this is not new © Crown Copyright. All rights reserved.
  3. 3. understand your requirements © Crown Copyright. All rights reserved.
  4. 4. value your © Crown Copyright. All rights reserved.
  5. 5. principles © Crown Copyright. All rights reserved.
  6. 6. data in transit resilience separation governance operational personnel dev supply chain management ID&A interface protection administration audit user responsibilities © Crown Copyright. All rights reserved.
  7. 7. understand the serviceoffering © Crown Copyright. All rights reserved.
  8. 8. (I/P/S)aaS © Crown Copyright. All rights reserved.
  9. 9. public community private or © Crown Copyright. All rights reserved.
  10. 10. data in transit protection © Crown Copyright. All rights reserved.
  11. 11. asset protection & resilience © Crown Copyright. All rights reserved.
  12. 12. separation between customers © Crown Copyright. All rights reserved.
  13. 13. governance © Crown Copyright. All rights reserved.
  14. 14. operational security © Crown Copyright. All rights reserved.
  15. 15. personnel security © Crown Copyright. All rights reserved.
  16. 16. secure development © Crown Copyright. All rights reserved.
  17. 17. supply chain security © Crown Copyright. All rights reserved.
  18. 18. secure consumer management © Crown Copyright. All rights reserved.
  19. 19. ID&A © Crown Copyright. All rights reserved.
  20. 20. external interface protection © Crown Copyright. All rights reserved.
  21. 21. secure service admin. © Crown Copyright. All rights reserved.
  22. 22. audit information provision to customers © Crown Copyright. All rights reserved.
  23. 23. secure use by the consumer © Crown Copyright. All rights reserved.
  24. 24. get assurance © Crown Copyright. All rights reserved.
  25. 25. assertion © Crown Copyright. All rights reserved.
  26. 26. contractual © Crown Copyright. All rights reserved.
  27. 27. independent validation or testing © Crown Copyright. All rights reserved.
  28. 28. assurance in the design © Crown Copyright. All rights reserved.
  29. 29. assured components © Crown Copyright. All rights reserved.
  30. 30. alternative mitigations © Crown Copyright. All rights reserved.
  31. 31. accept the residual © Crown Copyright. All rights reserved.
  32. 32. get the details at: https://www.gov.uk /government /collections /cloud-security-guidance © Crown Copyright. All rights reserved.
  33. 33. Questions © Crown Copyright. All rights reserved.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×